Better log for containerd setup. Setup nydus

Signed-off-by: Prabhu Subramanian <prabhu@appthreat.com>

.github/workflows/npm-release.yml

@@ -58,6 +58,13 @@ jobs:
       run: |
         chmod +x contrib/free_disk_space.sh
         ./contrib/free_disk_space.sh
+    - name: Setup nydus
+      run: |
+        curl -LO https://github.com/dragonflyoss/nydus/releases/download/v2.2.4/nydus-static-v2.2.4-linux-amd64.tgz
+        tar -xvf nydus-static-v2.2.4-linux-amd64.tgz
+        chmod +x nydus-static/*
+        mv nydus-static/* /usr/local/bin/
+        rm -rf nydus-static-v2.2.4-linux-amd64.tgz nydus-static
     - name: Set up QEMU
       uses: docker/setup-qemu-action@v2
     - name: Set up Docker Buildx
@@ -68,7 +75,6 @@ jobs:
         registry: ghcr.io
         username: ${{ github.actor }}
         password: ${{ secrets.GITHUB_TOKEN }}
-
     - name: Extract metadata (tags, labels) for Docker
       id: meta
       uses: docker/metadata-action@v4
@@ -86,6 +92,10 @@ jobs:
         labels: ${{ steps.meta.outputs.labels }}
         cache-from: type=gha,scope=cdxgen
         cache-to: type=gha,mode=max,scope=cdxgen
+    - name: nydusify
+      run: |
+        nydusify convert --source=ghcr.io/cyclonedx/cdxgen:master --target ghcr.io/cyclonedx/cdxgen-nydus:master
+      if: github.ref == 'refs/heads/master'
     - name: Extract metadata (tags, labels) for Docker
       id: meta2
       uses: docker/metadata-action@v4

docker.js

@@ -30,9 +30,22 @@ let dockerConn = undefined;
 let isPodman = false;
 let isPodmanRootless = true;
 let isDockerRootless = false;
+// https://github.com/containerd/containerd
+let isContainerd = !!process.env.CONTAINERD_ADDRESS;
 const WIN_LOCAL_TLS = "http://localhost:2375";
 let isWinLocalTLS = false;
 
+if (
+  !process.env.DOCKER_HOST &&
+  (process.env.CONTAINERD_ADDRESS ||
+    (process.env.XDG_RUNTIME_DIR &&
+      existsSync(
+        join(process.env.XDG_RUNTIME_DIR, "containerd-rootless", "api.sock")
+      )))
+) {
+  isContainerd = true;
+}
+
 /**
  * Method to get all dirs matching a name
  *
@@ -252,7 +265,9 @@ const getDefaultOptions = () => {
 };
 
 export const getConnection = async (options) => {
-  if (!dockerConn) {
+  if (isContainerd) {
+    return undefined;
+  } else if (!dockerConn) {
     const defaultOptions = getDefaultOptions();
     const opts = Object.assign(
       {},
@@ -442,6 +457,12 @@ export const getImage = async (fullImageName) => {
   if (tag === "" && digest === "") {
     fullImageName = fullImageName + ":latest";
   }
+  if (isContainerd) {
+    console.log(
+      "containerd/nerdctl is currently unsupported. Export the image manually and run cdxgen against the tar image."
+    );
+    return undefined;
+  }
   if (isWin) {
     let result = spawnSync("docker", ["pull", fullImageName], {
       encoding: "utf-8"

index.js

@@ -1860,7 +1860,7 @@ export const createNodejsBom = async (path, options) => {
   const parentSubComponents = [];
   let ppurl = "";
   // Docker mode requires special handling
-  if (["docker", "oci", "os"].includes(options.projectType)) {
+  if (["docker", "oci", "container", "os"].includes(options.projectType)) {
     const pkgJsonFiles = getAllFiles(path, "**/package.json", options);
     // Are there any package.json files in the container?
     if (pkgJsonFiles.length) {
@@ -1880,7 +1880,7 @@ export const createNodejsBom = async (path, options) => {
   }
   let allImports = {};
   if (
-    !["docker", "oci", "os"].includes(options.projectType) &&
+    !["docker", "oci", "container", "os"].includes(options.projectType) &&
     !options.noBabel
   ) {
     if (DEBUG_MODE) {
@@ -2753,7 +2753,7 @@ export const createGoBom = async (path, options) => {
   if (gomodFiles.length) {
     let shouldManuallyParse = false;
     // Use the go list -deps and go mod why commands to generate a good quality BOM for non-docker invocations
-    if (!["docker", "oci", "os"].includes(options.projectType)) {
+    if (!["docker", "oci", "container", "os"].includes(options.projectType)) {
       for (const f of gomodFiles) {
         const basePath = dirname(f);
         // Ignore vendor packages
@@ -2865,7 +2865,7 @@ export const createGoBom = async (path, options) => {
       }
     }
     // Parse the gomod files manually. The resultant BOM would be incomplete
-    if (!["docker", "oci", "os"].includes(options.projectType)) {
+    if (!["docker", "oci", "container", "os"].includes(options.projectType)) {
       console.log(
         "Manually parsing go.mod files. The resultant BOM would be incomplete."
       );
@@ -3154,7 +3154,7 @@ export const createCppBom = (path, options) => {
   // inside of other project types. So we currently limit this analyis only when -t argument
   // is used.
   if (
-    !["docker", "oci", "os"].includes(options.projectType) &&
+    !["docker", "oci", "container", "os"].includes(options.projectType) &&
     (!options.createMultiXBom || options.deep)
   ) {
     let osPkgsList = [];
@@ -5296,6 +5296,7 @@ export const createBom = async (path, options) => {
     projectType === "docker" ||
     projectType === "podman" ||
     projectType === "oci" ||
+    projectType === "container" ||
     path.startsWith("docker.io") ||
     path.startsWith("quay.io") ||
     path.startsWith("ghcr.io") ||